pf unconditionally disables TCP checksum offloading
J David
j.david.lists at gmail.com
Sat Aug 31 01:31:46 UTC 2013
Hello,
While testing 9.2, we discovered that merely having pf enabled (no
rules of any kind) was sufficient to completely, unconditionally
disables hardware checksum offloading.
If pf is disabled ("pfctl -d") then checksum offloading works fine.
If pf is merely enabled with no rules ("pfctl -e -F all"), checksum
offloading no longer works.
The culprit appears to be this code in pf_check_out:
if ((*m)->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {
in_delayed_cksum(*m);
(*m)->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
}
CSUM_DELAY_DATA is defined as (CSUM_TCP | CSUM_UDP) in sys/mbuf.h, so
this effectively clears (*m)->m_pkthdr.csum_flags and never puts it
back.
Is this behavior intentional?
Thanks!
More information about the freebsd-pf
mailing list